Though a few years old (2004) this discussion thread supplies a lot of useful information on anti-sniffing methods. Most of these methods deal with handling the people side of the problem. This article also supplies some information of interest.
Good Luck!
-Flame

Using SSH, IPSec or other solutions to encrypt your traffic would probably be the best solution. It's not invulnerable; even if the crypto holds up (it should) someone can steal the keys. You should also be using switches and not hubs. Switches prevent passive sniffing attacks and require attackers to flood the switch or do a man-in-the-middle attack to read most traffic. You should also use port security on your switches. Port security (as implemented by Cisco) allows you to restrict the number of MAC addresses that can communicate through each physical switch port. If the switch detects a second MAC address it can either shut down the port, refuse to accept traffic from the new address, or alert the network administrator through an SNMP trap. Since attackers spoof additional MAC addresses in order to conduct the man-in-the-middle and flooding attacks which allow them to sniff on a switched network, this will prevent most sniffing.

Regards,

Unicityd

Please complete the following information:

REGISTER / LOG-IN TO DISCUSS

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Submit your e-mail address below to continue

E-mail: 

E-mail: 

Handle:   

Password: 

Forgot Password?

Create Handle: 

Your handle identifies you in ITKnowledgeExchange. Max 30 char.

Create Password: 

Confirm Password: 

Yes, I agree to the IT Knowledge Exchange  Terms and Conditions.

hidden modal window